6006. ADMINISTRATIVE PROCEDURES ON COMPUTER, TELECOMMUNICATIONS AND CLASSROOM TECHNOLOGY USE A. The Chief Technology Officer (CTO) shall administer these regulations. These regulations apply to all San Francisco Community College District students, employees and others granted use of the District’s information resources. These regulations refer to all District information resources whether individually controlled or shared, stand-alone or networked. They apply to all computer, telecommunications, and classroom technology facilities owned, leased, operated, or contracted by the District. This includes but is not limited to personal computers, workstations, mainframes, minicomputers, telephones, multimedia control and playback systems, and associated peripherals, software and information resources, regardless of whether used for administration, research, teaching or other purposes. B. The District’s computer, telecommunications and classroom technology systems are the sole property of San Francisco Community College District. They may not be used by any person without the proper authorization of the District. The computer, telecommunications and classroom technology systems are for San Francisco Community College District instructional and work-related purposes only. All users of the District’s computing systems must read, understand, and comply with the rules outlined in the policy and administrative regulations. BY USING ANY OF THESE SYSTEMS, USERS AGREE THAT THEY WILL COMPLY WITH THESE REGULATIONS. C. This procedure exists within the framework of the District’s board policy and Federal, State, and local laws. Users of District information resources found to have violated any of these regulations will be subject to disciplinary action up to and including, but not limited to, loss of information resources privileges, disciplinary suspension, termination from employment, expulsion, and/or civil or criminal legal action. D. Computer users may not, under any circumstances, transfer or confer these privileges to other individuals. Any account assigned to an individual shall not be used by others without written permission from the Chief Technology Officer. The authorized user is responsible for the proper use of the system, including any password protection. Computer users must not seek to gain unauthorized access to information resources and must not assist any other persons to gain unauthorized access. San Francisco Community College District November 17, 1997 1 6006. Individual departments/units within the District may define additional conditions of use for information resources under their control. These conditions must be consistent with this overall regulation and may provide additional detail, guidelines and/or restrictions. These guidelines can cover such issues as, but not limited to, allowable connect time and disk space, handling of irretrievable mail, responsibility for account approval, and other items related to administering the system. A computer user who has been authorized to use a password-protected account may be subject to both civil and criminal liability if the user discloses the password or otherwise makes the account available to others without permission of the CTO or designee. All access to the District’s computer resources, including the issuing of passwords, must be approved by the CTO or a designee of the District. Computer users of the District’s information resources must not access computers, computer software, computer data or information, or networks without proper authorization, or intentionally enable others to do so, regardless of whether the computer, software, data, information, or network in question is owned by the District. Abuse of the networks to which the District belongs or the computers at other sites connected to those networks will be treated as an abuse of District computer privileges. Other organizations operating computing and network facilities that are reachable via the City College network may have their own policies governing the use of those resources. When accessing remote resources from City College facilities, users are responsible for obeying both the policies set forth in this document and the policies of the other organizations. It is the user's responsibility to be informed of the policies of other outside organizations to which they establish a computer link. E. The Vice Chancellors shall be responsible for the overall coordination and implementation of regulations relating to the use of technology. Managers, department heads, and/or Deans/Directors will take an active role in assuring that technology users are familiar with these regulations. Computer users must respect the integrity of computer-based information resources. 1. Illegal reproduction of copyrighted programs may not be made or used on District equipment. 2. The registered owner of a computer software program may make or authorize the making of another copy or adaptation provided: a. that such a new copy or adaptation is created as an essential step in the utilization of the computer software program in conjunction with a computer and that it is used in no other manner, or San Francisco Community College District November 17, 1997 2 6006. b. that such a new copy is a backup copy and that all such copies are destroyed in the event that the original copy of the computer software program is no longer in the possession of the registered owner. The above guidelines are based on Public Law 96-517, Section 7(b) which amends Section 117 or Title 17, or subsequent laws, of the United States Code. Computer users must not interfere with the access and use of the District’s computers by other computer users. This includes, but is not limited to: the sending of chain letters or excessive messages, either locally or off-campus; printing excess copies of documents, files, data, and/or programs, running grossly inefficient programs when efficient alternatives are known by the user to be available; unauthorized modification of system facilities, operating systems, and/or disk partitions; attempting to crash or tie up a District computer or network; and damaging or vandalizing District computing facilities, equipment, software or computer files. Computer users must not intentionally develop or use programs which disrupt or interfere with other computer users or which access private or restricted portions of the system, or which damage the software or hardware components of the system or user accounts. The use of any unauthorized or destructive programs will result in disciplinary action as provided in this regulation, and may further lead to civil or criminal legal proceedings. Defects (e.g. “loopholes”) in computer security systems or knowledge of a special password should not be used to damage computer systems, obtain extra resources, take resources from another user, gain access to systems, or use systems for which proper authorization has not been given. Any defects discovered in system accounting or system security must be reported immediately to Infromation Technology Services so that steps can be taken to investigate and solve the problem. F. Computer users must respect the rights of other computer users. Attempts to circumvent these mechanisms in order to gain unauthorized access to any system or to another person’s information are a violation of District policy and may violate federal, state and local laws. Unlawful Messages – Computer users may not use District technologies to send defamatory, fraudulent, harassing, obscene, threatening, or other messages that violate applicable federal, state or other law or District policy, or which constitute the unauthorized release of confidential information. San Francisco Community College District November 17, 1997 3 6006. Information Belonging to Others – Computer users must not intentionally seek or provide information on, obtain copies of, or modify data files, programs, or passwords belonging to other users, without the permission of those other users. Rights of Individuals – Computer users must not release any individual’s (including but not limited to students and employees) personal information to anyone without proper authorization. User Identification – Computer users shall not send communications or messages anonymously or without accurately identifying the originating account or station. Political, Personal and Commercial Use – The District is a non-profit, taxexempt organization and, as such, is subject to specific federal, state and local laws regarding sources of income, political activities, use of property and similar matters. Political Use – District information and technology resources must not be used for partisan political activities where prohibited by federal, state or other applicable laws. Personal Use – District information and technology resources should not be used for personal activities unrelated to appropriate District functions, except in a purely incidental manner. Commercial Use – District information and technology resources should not be used for commercial purposes. Electronic communication facilities may not be used to transmit commercial or personal advertisements, solicitations or promotions. Computer users are reminded that the “.edu” and cc.ca.us domains on the Internet have rules restricting or prohibiting commercial use, and users may only conduct activities that are appropriate within those domains. G. All computer users have the right to be free from any conduct connected with the use of the District’s network and computer resources which discriminates against any person on the basis of (but not limited to) race, religious creed, color, national origin, ancestry, gender, sexual orientation, age (over 40), disability, marital status, medical condition or disability or obligations to the National Guard or Reserve forces of the United States. No computer user shall use the District’s network and computer resources to transmit any message, create any communication of any kind, or store information which violates any District policy or regulation regarding San Francisco Community College District November 17, 1997 4 6006. discrimination or harassment, or which is defamatory or obscene, or which constitutes the unauthorized release of confidential information. H. Computer users are responsible for maintaining the following items: 1. An environment in which access to all District computing resources are shared equitably among users. The system administrator of each system sets minimum guidelines within which users must conduct their activities. 2. An environment conducive to learning: a. A user who harasses, or makes defamatory remarks, shall bear full responsibility for his or her actions. Further, by using these systems, users agree that individuals who transmit such remarks shall bear sole responsibility for their actions. Users agree that the District’s role in managing these systems is only as an information carrier, and that they will never consider transmission through these systems as an endorsement of said transmission by the District. b. Many of the District computing systems provide access to outside networks, both public and private, which furnish electronic mail, information services, bulletin board, conferences, etc. Users are advised that they may encounter material that may be considered offensive or objectionable in nature or content. Users are further advised that the District does not assume responsibility for the contents of any of these outside networks. c. The user agrees never to attempt to transmit or cause to be transmitted, any message in which the origination is deliberately misleading. The user agrees that, in the unlikely event that someone does transmit, or cause to be transmitted, a message that is inconsistent with an environment conductive to learning or with a misleading origination, the person who performed the transmission will be solely accountable for the message, not the District, which is acting solely as the information carrier. 3. An environment free of illegal or malicious acts. The user agrees never to use a system to perform an illegal or malicious act. Any attempt to increase the level of access to which a user is authorized, or any attempt to deprive other authorized users of resources or access to any District computer system shall be regarded as malicious, and may be treated as an illegal act. San Francisco Community College District November 17, 1997 5 6006. 4. Users are responsible for backup of their own data. I. Software installation, copies, licenses and ownership: A. Computer users must respect copyrights and licenses to software and other on-line information. Number of Simultaneous Users – The number of simultaneous users must be in keeping with the software vendor’s license Copyrights – In addition to software, all other copyrighted information (text, images, icons, programs, etc.) retrieved from the computer or network resources must be used in conformance with applicable copyright and other law. Copied material must be properly attributed. Plagiarism of computer information is prohibited in the same way that plagiarism of any other protected work is prohibited. B. Only legally purchased software may be used on District-purchased computers. Information Technology Services’ designated personnel will install District-purchased software on computers provided for District use. To prove legal ownership and compliance with copyright restrictions, a copy of the license for faculty-owned or staff-owned software must be sent to ITS. C. Departments that have purchased software under a site license agreement must have the license agreement available on site to prove legal ownership and compliance with copyright restrictions or have sent a copy of the license agreement to ITS. K. Any person detecting the apparent illegal use of software will report the suspected usage to the Chief Technology Officer. An individual’s computer use privileges may be suspended immediately upon the discovery of a possible violation of these policies and regulations. Such suspected violation will be confidentially reported to the violator’s immediate supervisor. L. The District does NOT guarantee or warrantee the confidentiality of user files, including e-mail, except where legally or contractually protected. It is the practice of the District and Information Technology Services (ITS) to respect the confidential nature of user files, but the District and the ITS Department reserve the right to view or alter user files when it is necessary. San Francisco Community College District November 17, 1997 6 6006. Any ITS employee must have permission from the appropriate Vice Chancellor prior to investigating or modifying a user file. User files may also be subject to search under court order if such files are suspected of containing information that could be used as evidence in a Court of law. Student files as kept on ITS facilities are considered educational records as covered by the Family Educational Rights and Privacy Act of 1974 (Title 20, Section 1232(g) of the United States Code, also referred to as the Buckley Amendment). In addition, a system administrator may access user files as required to protect the integrity of the computer system. For example, system administrators may access or examine files or accounts that are suspected of unauthorized use or misuse, or that have been corrupted or damaged. Users must be aware of the possibility of unintended disclosure of communications. It is possible for information entered on or transmitted via computer and communications systems to be retrieved, even if a user has deleted such information. The California Public Records Act (Government Code Sections 6250 et seq.) includes computer transmissions in the definition of “public record” and nonexempt communications made on the District network and computers must be disclosed if requested by a member of the public. Computer transmissions and electronically stored information may be discoverable in litigation. M. Dissemination and User Acknowledgement – All users shall be provided copies of these regulations and be directed to familiarize themselves with them. An on-screen message addressing these regulations shall be displayed on District user systems. The message screen shall appear as part of accessing the District network. This message screen acknowledgment shall be in the form as follows: Computer, Telecommunications and Classroom Technology Use Agreement I agree to abide by the standards set in Policy XXX and Administrative Procedures XXX for the duration of my employment and/or enrollment. I am aware that violations of the policy or administrative regulations may subject me to disciplinary action, including but not limited to San Francisco Community College District November 17, 1997 7 6006. revocation of my network access and up to and including prosecution for violation of State, Federal or local law. What we display today: By Accessing and using this system you consent to system monitoring for law enforcement and other purposes. Unauthorized use of this computer system may subject you to criminal prosecution and penalties. Do not copy or install any illegal or unlicensed software on this computer system. San Francisco Community College District November 17, 1997 8